Signature Detail
Short Name |
APP:KERBEROS:KBR-DOS-TCP-2 |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Kerberos Denial of Service over TCP (2) |
Release Date |
2006/02/21 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Kerberos Denial of Service over TCP (2)
This signature detects a heap corruption attack in the MIT Kerberos V5 Key Distribution Center (KDC) implementation. The vulnerability is caused from improper handling of an error case. An unauthenticated remote attacker can leverage this vulnerability to cause a denial of service or to execute arbitrary code, potentially compromising an entire Kerberos realm.
Extended Description
The Kerberos 5 Key Distribution Center (KDC) implementation of Kerberos is affected by a remote denial-of-service vulnerability. This issue arises because the application tries to free uninitialized memory at a random address when handling a remote request over TCP. Specifically, the vulnerability arises when the application handles a principle name consisting of zero components. All MIT Kerberos 5 releases up to and including krb5-1.4.1 are vulnerable. Third-party application servers employing Kerberos 5 may be affected as well.
Affected Products
- Apple Mac OS X 10.4.2
- Apple Mac OS X Server 10.4.2
- Conectiva Linux 10.0.0
- Conectiva Linux 9.0.0
- Debian Linux 3.0.0
- Debian Linux 3.0.0 Alpha
- Debian Linux 3.0.0 Arm
- Debian Linux 3.0.0 Hppa
- Debian Linux 3.0.0 Ia-32
- Debian Linux 3.0.0 Ia-64
- Debian Linux 3.0.0 M68k
- Debian Linux 3.0.0 Mips
- Debian Linux 3.0.0 Mipsel
- Debian Linux 3.0.0 Ppc
- Debian Linux 3.0.0 S/390
- Debian Linux 3.0.0 Sparc
- Debian Linux 3.1.0
- Debian Linux 3.1.0 Alpha
- Debian Linux 3.1.0 Amd64
- Debian Linux 3.1.0 Arm
- Debian Linux 3.1.0 Hppa
- Debian Linux 3.1.0 Ia-32
- Debian Linux 3.1.0 Ia-64
- Debian Linux 3.1.0 M68k
- Debian Linux 3.1.0 Mips
- Debian Linux 3.1.0 Mipsel
- Debian Linux 3.1.0 Ppc
- Debian Linux 3.1.0 S/390
- Debian Linux 3.1.0 Sparc
- Gentoo Linux
- IBM DCE 3.2.0 for AIX
- Mandriva Corporate Server 2.1.0
- Mandriva Corporate Server 2.1.0 X86 64
- Mandriva Corporate Server 3.0.0
- Mandriva Corporate Server 3.0.0 X86 64
- Mandriva Linux Mandrake 10.0.0
- Mandriva Linux Mandrake 10.0.0 amd64
- Mandriva Linux Mandrake 10.1.0
- Mandriva Linux Mandrake 10.1.0 X86 64
- Mandriva Linux Mandrake 10.2.0
- Mandriva Linux Mandrake 10.2.0 X86 64
- Mandriva Multi Network Firewall 2.0.0
- MIT Kerberos 5 5.0.0 -1.0.X
- MIT Kerberos 5 5.0.0 -1.1
- MIT Kerberos 5 5.0.0 -1.1.1
- MIT Kerberos 5 5.0.0 -1.2Beta1
- MIT Kerberos 5 5.0.0 -1.2Beta2
- MIT Kerberos 5 5.0.0 -1.3.3
- MIT Kerberos 5 5.0.0 -1.3.4
- MIT Kerberos 5 5.0.0 -1.3.5
- MIT Kerberos 5 5.0.0 -1.3.6
- MIT Kerberos 5 5.0.0 -1.4
- MIT Kerberos 5 5.0.0 -1.4.1
- Red Hat Fedora Core3
- Red Hat Fedora Core4
- SGI ProPack 3.0.0 SP6
- Sun SEAM 1.0.0
- Sun SEAM 1.0.1
- Sun SEAM 1.0.2
- Sun Solaris 10 Sparc
- Sun Solaris 10 X86
- Sun Solaris 8 Sparc
- Sun Solaris 8 X86
- Sun Solaris 9 Sparc
- Sun Solaris 9 X86
- Sun Solaris 9 X86 Update 2
- SuSE Linux Personal 9.3.0
- SuSE Linux Personal 9.3.0 X86 64
- SuSE Linux Professional 9.3.0
- SuSE Linux Professional 9.3.0 X86 64
- Trustix Secure Enterprise Linux 2.0.0
- Trustix Secure Linux 2.2.0
- Trustix Secure Linux 3.0.0
- Turbolinux Appliance Server 1.0.0 Hosting Edition
- Turbolinux Appliance Server 1.0.0 Workgroup Edition
- Turbolinux Home
- Turbolinux Turbolinux Desktop 10.0.0
- Turbolinux Turbolinux Server 10.0.0
- Turbolinux Turbolinux Server 8.0.0
- Ubuntu Ubuntu Linux 4.1.0 Ia32
- Ubuntu Ubuntu Linux 4.1.0 Ia64
- Ubuntu Ubuntu Linux 4.1.0 Ppc
- Ubuntu Ubuntu Linux 5.0.0 4 Amd64
- Ubuntu Ubuntu Linux 5.0.0 4 I386
- Ubuntu Ubuntu Linux 5.0.0 4 Powerpc
References
- BugTraq: 14240
- CVE: CVE-2005-1174
- URL: http://web.mit.edu/kerberos/advisories/2005-002-patch_1.4.1.txt